The Tenable Appliance ships with the Network Time Protocol (NTP) service. Recently, several vulnerabilities were identified by a third-party and fixed by the vendor. Some of these issues may allow for remote code execution. The issues include: NTP ntpd/ntp_crypto.c crypto_recv() Function Packet Handling Remote Stack Buffer Overflow NTP ntpd/ntp_control.c configure() Function Packet Handling Remote Stack Buffer Overflow NTP ntpd/ntp_control.c ctl_putdata() Function Packet Handling Remote Stack Buffer Overflow NTP ntp-keygen MD5 Key Generation Weak RNG Seed MitM Issue NTP Weak RSA Key Generation Modulus Unspecified Issue NTP Extension Fields Missing vallen Validation Unspecified Issue NTP Unspecified ::1 Spoofing Source IP ACL Bypass NTP ntp_proto.c receive() Function Error Clause Missing return Statement Unspecified Weakness NTP ntpd/ntp_config.c config_auth() Weak Default Key Generation While the NTP service may allow remote traffic, best practices say that such an appliance should not be Internet accessible. If deployed in accordance with best practices, attacks would have to be conducted from an internal network. Please note that Tenable strongly recommends that the appliance be installed on a subnet that is not Internet addressable.